|
Bitwarden |
Matthew Leverton
Supreme Loser
January 1999
|
Anybody use Bitwarden for password management? I just gave it a quick try and it looks good. I have used Lastpass for a long time but their policy change to only allow you to use it on mobile or desktop (and not both) for free has annoyed me enough to switch to a different service. To be clear, I don't mind paying for something like this, but not in the way Lastpass is forcing it upon me. |
Jacob Moena
Member #19,324
February 2021
|
I used KeePassXC but nowadays I use the Firefox password manager. It also generates strong passwords on request and keeps track of vulnerable passwords. I am happy with that. Right now, I can see that I need to change my password on a great deal of sites due to a breach a while ago. And also, when I change the passwords, I will let Firefox generate secure passwords for those. The time of using only one password for everything has probably come to an end, for me ;p:D |
piccolo
Member #3,163
January 2003
|
this password thing needs to change there has to be a better way moving forward than having a bunch passwords to constantly manage wow |
dthompson
Member #5,749
April 2005
|
I use 1Password but have been considering switching to Bitwarden for a while. Might do just that before my next bill. Thankfully, it seems they're good at importing. ______________________________________________________ |
BAF
Member #2,981
December 2002
|
I was considering changing to Bitwarden, but I'm still confused as to how their business model works, exactly (and how that intersects with the product). If it's open source, why do I need to pay for a license to run my own self-hosted version? And if the licensing code is all open source, then isn't that a waste of effort to maintain, since the only people paying would be the folks who you could probably get to pay anyway? Admittedly, I haven't looked too deeply, but on the surface, something isn't adding up for me. I'm not opposed to paying for a product either, but with Bitwarden being touted as a LastPass replacement in response to them restricting their free offering, I can't help but wonder if they're actually any better. It sounds like they're just as able to start enforcing more restrictions as LogMeIn/LastPass are. |
bamccaig
Member #7,536
July 2006
|
It's probably the usual free software business model. You're paying for extra services and/or support, not the software itself. Which makes sense because that's the only thing you have any rights to in any software deal. It's the proprietary market that should confuse you, not this. If you'd prefer to spend the days it may take to learn how to configure your own setup and then maintain it you probably can (looks like all software is open source in the project GitHub). -- acc.js | al4anim - Allegro 4 Animation library | Allegro 5 VS/NuGet Guide | Allegro.cc Mockup | Allegro.cc <code> Tag | Allegro 4 Timer Example (w/ Semaphores) | Allegro 5 "Winpkg" (MSVC readme) | Bambot | Blog | C++ STL Container Flowchart | Castopulence Software | Check Return Values | Derail? | Is This A Discussion? Flow Chart | Filesystem Hierarchy Standard | Clean Code Talks - Global State and Singletons | How To Use Header Files | GNU/Linux (Debian, Fedora, Gentoo) | rot (rot13, rot47, rotN) | Streaming |
BAF
Member #2,981
December 2002
|
Per their documentation, you still need to be licensed even if you install the software yourself, which suggests to me that you're paying for more than service and support. So, still puzzling. |
bamccaig
Member #7,536
July 2006
|
Unless perhaps they still issue a license key to free licenses? But yeah, that's strange... There must be some proprietary technology left out that this calls (should be able to scan the repos for that kind of thing). Or else ,... it's just the honour system. Maybe you're paying for the software itself. Maybe it just looks free. Maybe it has a fancy free wrapper. Though it sounds like they aim to contact you with security updates, which is rather kind. -- acc.js | al4anim - Allegro 4 Animation library | Allegro 5 VS/NuGet Guide | Allegro.cc Mockup | Allegro.cc <code> Tag | Allegro 4 Timer Example (w/ Semaphores) | Allegro 5 "Winpkg" (MSVC readme) | Bambot | Blog | C++ STL Container Flowchart | Castopulence Software | Check Return Values | Derail? | Is This A Discussion? Flow Chart | Filesystem Hierarchy Standard | Clean Code Talks - Global State and Singletons | How To Use Header Files | GNU/Linux (Debian, Fedora, Gentoo) | rot (rot13, rot47, rotN) | Streaming |
Matthew Leverton
Supreme Loser
January 1999
|
Open source can be licensed under anything. I could open source a product but say you don't have permission to run it without paying for it. So yes, the honor system. But isn't that all software? I don't think it's alarming that you can illegally use software that you didn't pay for. |
William Labbett
Member #4,486
March 2004
|
So it is legal or illegal to download the source, compile it, build it and use it ?
|
Matthew Leverton
Supreme Loser
January 1999
|
With Bitwarden my understanding is you need a license to self host. The premium features still cost money. The point is that you can host the data yourself and read the source code to determine it is safe. |
bamccaig
Member #7,536
July 2006
|
It sounds to me like you only need a license to access business/"enterprise" features. I haven't gone through the code or tried to set it up or anything, but the server code is AGPL. The client code is GPL. Only the enterprise features are "Source Available" instead with a commercial license. So if you're only using it for your own passwords it's probably fine. Perhaps it wouldn't work well for an organization to share passwords and that sort of stuff. Append: The business licenses are very reasonable too. You can get a free 2 person organization license that lets you share between you. Or for $3/month/user you can get a business license with some enhancements. The full package appears to be $5/month/user. Correction: Of the business licenses only the $5/month/user enterprise option can be hosted by you. But the personal licenses all support it. -- acc.js | al4anim - Allegro 4 Animation library | Allegro 5 VS/NuGet Guide | Allegro.cc Mockup | Allegro.cc <code> Tag | Allegro 4 Timer Example (w/ Semaphores) | Allegro 5 "Winpkg" (MSVC readme) | Bambot | Blog | C++ STL Container Flowchart | Castopulence Software | Check Return Values | Derail? | Is This A Discussion? Flow Chart | Filesystem Hierarchy Standard | Clean Code Talks - Global State and Singletons | How To Use Header Files | GNU/Linux (Debian, Fedora, Gentoo) | rot (rot13, rot47, rotN) | Streaming |
William Labbett
Member #4,486
March 2004
|
Sounds good to me.
|
SiegeLord
Member #7,827
October 2006
|
KeePassX is for me on desktop, and nothing on mobile as that would mean to me pretending that my phone is in any sense secure (which would require me to buy a new phone every few years to keep Android up-to-date). "For in much wisdom is much grief: and he that increases knowledge increases sorrow."-Ecclesiastes 1:18 |
William Labbett
Member #4,486
March 2004
|
I used to use Keepass2 but it was doing strange things to my ubuntu machine. Obviously I can't prove it IS safe but I trusted Keepass2 enough to feel safe using it without having to read the source. Whenever I use some kind of encryption everything seems to go a bit paranormal. /* EDIT : I guess this post is a bit hard to make sense of. My psychology isn't always partiacularly familiar. I think I will be using bitwarden. */
|
bamccaig
Member #7,536
July 2006
|
SiegeLord said: KeePassX is for me on desktop, and nothing on mobile as that would mean to me pretending that my phone is in any sense secure (which would require me to buy a new phone every few years to keep Android up-to-date). Not necessarily pretending that it's safe, but rather accepting that having a proprietary phone at all (even just hardware with chips/radios you don't control) is insecure and the only option we have because they aren't regulated at all is phones that spy on us and make it easy for hackers to spy on us. Your real choice is opting out of having the convenience of a smart phone (or hell, any cellular phone or mobile device) at all. Which isn't really much of a choice. -- acc.js | al4anim - Allegro 4 Animation library | Allegro 5 VS/NuGet Guide | Allegro.cc Mockup | Allegro.cc <code> Tag | Allegro 4 Timer Example (w/ Semaphores) | Allegro 5 "Winpkg" (MSVC readme) | Bambot | Blog | C++ STL Container Flowchart | Castopulence Software | Check Return Values | Derail? | Is This A Discussion? Flow Chart | Filesystem Hierarchy Standard | Clean Code Talks - Global State and Singletons | How To Use Header Files | GNU/Linux (Debian, Fedora, Gentoo) | rot (rot13, rot47, rotN) | Streaming |
dthompson
Member #5,749
April 2005
|
I've gone ahead and made the switch from 1Password. It was surprisingly painless ______________________________________________________ |
Matthew Leverton
Supreme Loser
January 1999
|
I officially deleted my LastPass account after weeks with Bitwarden. No regrets. |
BAF
Member #2,981
December 2002
|
Matthew Leverton said: With Bitwarden my understanding is you need a license to self host. The premium features still cost money. The point is that you can host the data yourself and read the source code to determine it is safe. So you're just trusting Bitwarden to not pull the same thing on you that LastPass did? |
Matthew Leverton
Supreme Loser
January 1999
|
Uhm, yes? Any subscription service can have this issue. LastPass was bought out by people with no fundamental interest in the project. I used to pay money for it. Membership prices have tripled since then. If Bitwarden were to do the same thing, then I would move somewhere else. Export/import makes this a commodity. |
bamccaig
Member #7,536
July 2006
|
Not sure if it has already been posted, but I couldn't find it on the page. Apparently you can request an installation id and key (presumably free) here: https://bitwarden.com/host/. The need is apparently:
-- acc.js | al4anim - Allegro 4 Animation library | Allegro 5 VS/NuGet Guide | Allegro.cc Mockup | Allegro.cc <code> Tag | Allegro 4 Timer Example (w/ Semaphores) | Allegro 5 "Winpkg" (MSVC readme) | Bambot | Blog | C++ STL Container Flowchart | Castopulence Software | Check Return Values | Derail? | Is This A Discussion? Flow Chart | Filesystem Hierarchy Standard | Clean Code Talks - Global State and Singletons | How To Use Header Files | GNU/Linux (Debian, Fedora, Gentoo) | rot (rot13, rot47, rotN) | Streaming |
|